<?php
namespace Home\Controller;
use Think\Controller;
class LoginController extends Controller{
	public function login(){
		session(null);
		$this->display();
	}
	
	public function check_login(){
		if(!IS_POST){$this->error("非法表单"); exit;}
		$time = date('Y-m-d H:i:s');
//		$users = M("sys_user");
		$users = D("Login");
		$user_name = str_replace(' ', '', $_POST["user_name"]);
		if( !is_user_name($user_name) || empty($user_name) || strlen($user_name) > 20 ){
			$this->error( "用户名不能为空，且只能是小写字母、数字，不超过20位！" );
		}else{
			$error_log = M("login_error_log");
			$information = M("information");//信息提示
			
			$data = M("sys_user")->where("user_name = '$user_name'")->find();
			//echo M("sys_user")->getLastSql();
			$count = $error_log->where("user_name = '$user_name'")->count();
			if($data['user_name'] == null){
				$this->error('用户或密码错误，请重新登录');
			}else{
				if($count<3){//当该用户名没有有登陆错误日志或者登陆错误次数小于3次时；
//		$this->error(I("post.password"));
					if($data['password'] == md5($_POST['password'])){
						if($data['status'] == 1 ){
							$name = $data['name'];
							session_start();
							session('name',$name);
							session('user_name',$user_name);
							session('dept_id',$data['dept_id']);
							
							$common = new CommonController();
							$common->systemlog('登录',"用户登录", "用户登录成功");
							
							
							//登陆成功之后清除掉密码出现错误的信息
							$this->clean_error_login_log($user_name);
							//echo "aaaa";
//							$url = __APP__;
//							header('location:'.$url);exit(0);
							$this->success("登录成功！");
						}else{
							$this->error('该用户已被禁用！');
						}
					}else{
						$this->add_error_login_log($user_name,$_POST['password']);
						
						$num = 3-$count-1;//计算还剩余多少次输入密码的机会；
						if($num >0){
							$this->error('用户名和密码不匹配！该账号还有 '.$num.' 次输入密码机会');
						}else{
							$this->error('对不起今日该账号输入错误密码次数过多，已被禁用！请联系管理员<陈超>手动解封！');
						}
					}
				}else{
					//echo "<script>alert('对不起，由于您输入的密码错误次数过多，该账号已被暂时禁用！请联系管理员<陈超>手动解封！');</script>";
					$this->error("对不起，您输入的密码错误次数过多，该账号已被暂时禁用！请联系管理员<陈超>手动解封！");
				}
			}
		}
	}
	
	public function add_error_login_log($user_name,$password){//生成登录时输入错误密码的日志；
		$error_log = M("login_error_log");
		$data = array(
			'user_name' => $user_name,
			'password' => $password,
			'error_time' => date("Y-m-d H:i:s"),
			'ip' => get_client_ip()
		);
		$error_log->add($data);//添加错误日志
	}
	
	public function clean_error_login_log($user_name){//清除登录时输入错误密码的日志；
		$error_log = M("login_error_log");
		$error_log->where("user_name='$user_name'")->delete();
	}
	
	public function login_log($user_name){//登陆日志
		$user_login = M("sys_user_login");
		$data = array(
			'user_name' => $user_name,
			'login_time'
		);
		$user_login->add($data);
	}
	
	public function logout(){
		$this->display();
	}
	
	public function reset_pass(){
		$time1 = date('Y-m-d H:i:s');
		strtotime($time1);
		$id = I("get.id");
		$t = I("get.t");
		$key = I("get.key");
		if(!is_id($id)){ $this->error("非法参数！"); }
		
		$time = Date('Y-m-d H:i:s',$t);
		
		$user = M("sys_user");
		$user_mail = M("user_mail");
		$user_name = $user->where('id=%d',$id)->getField('user_name');
		$data = $user_mail->where("user_name='$user_name' AND send_time='$time' AND rand_number='$key' AND status=0")->find();
		if(empty($data)){
			echo "<script>alert('对不起，该链接无效！');</script>";exit;
		}else{
			$date = strtotime($time1)-strtotime($time);
			if($date>60*60*2){
				echo "<script>alert('对不起，该链接已失效！');</script>";exit;
			}else{
				$user_name1 = substr($user_name, 0, 2).'******'.substr($user_name, -2, 2);
				$this->assign('user_name',$user_name1);
				$this->assign('id',$id);
				$this->assign('mail_id',$data['id']);
				$this->display();
			}
		}
	}
	
	public function password_reset(){
		if(!IS_POST){ $this->error("非法表单！"); }
		$id = I("post.id");
		$mail_id = I("post.mail_id");
		if(!is_id($id) || !is_id($mail_id)){ $this->error("非法参数！"); }
		
		$data['password'] = md5($_POST['password']);
		$user = M("sys_user");
		$mail = M("user_mail");
		$success = $user->where('id=%d',$id)->save($data);
		if($success){
			$data1['status'] = 1;
			$mail->where('id=%d',$mail_id)->save($data1);
			$this->success('密码重置成功，3秒钟之后跳转到登陆页面！', 'login');
		}else{
			$this->error('对不起，密码重置失败！');
		}
	}
}
?>